Open Source

30314 readers

1676 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Posts must be relevant to the open source ideology
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago

MODERATORS

[email protected]

420

Ventoy source code contains some unknown BLOBs, still no word on the issue from the dev after months (github.com)

submitted 1 day ago by [email protected] to c/[email protected]

121 comments fedilink hide all child comments

I had no idea this issue had been identified. While I find this tool very useful, the project is seeming rather questionable to me now.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 77 points 1 day ago (17 children)

I too wish the developer would respond, but I don't think this is the catastrophe people are making it out to be. One comment seems to explain why these binaries are included:

Because ventoy supports shim, and by extension secure boot, these files needs to come from a signed Linux distro. In this case they are taken from Fedora releases, and OpenSUSE apparently, as they publish shim binaries and grub binaries signed by their certificate.

[–] [email protected] 23 points 1 day ago

On the contrary: that just goes to show what a fucking catastrophe for software freedom "Secure[sic] Boot" is.

load more comments (16 replies)